﻿#region Header
/*
 * name：AuthorizationExtention
 * author：Kain
 * date：11/26/2010 1:47:00 PM
 *********************************************
 * History:
 * $Header$
 * $History$
 */
#endregion

#region imported namespace
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Security.Principal;
using System.Web;
using System.Globalization;
using Cherry.Agile.Security;
using System.Threading;
using Cherry.Agile.Framework;
#endregion

namespace Cherry.Agile.Security
{
    /// <summary>
    /// 权限扩展方法
    /// </summary>
	public static class AuthorizationExtention
	{
        const string SUPER_ADMINISTRATOR_ROLE = "superadmin";
        const string ADMINISTRATOR_ROLE = "admin";
        /// <summary>
        /// 用户是否为超级管理员
        /// </summary>
        /// <param name="principal"><see cref="System.Security.Principal.IPrincipal"/></param>
        /// <returns>是否为超级管理员</returns>
        public static bool IsSuperAdmin( this IPrincipal principal)
        {
            return Authorization.IsInRole(SUPER_ADMINISTRATOR_ROLE);
        }

        public static User GetUser(this IPrincipal principal)
        {
               if (principal.Identity is User)
                return (User)principal.Identity;
            else
                   return new User(string.Empty); 
        }

        /// <summary>
        /// 判断用户是否属于一个组织
        /// </summary>
        /// <param name="principal"></param>
        /// <param name="orgId"></param>
        /// <returns></returns>
        public static bool IsInOrg(this IPrincipal principal, int orgId)
        {
            return Authorization.IsInOrg(orgId);
        }

        /// <summary>
        /// 判断以一个用户是否可以操作该组织
        /// </summary>
        /// <param name="principal"></param>
        /// <param name="orgId"></param>
        /// <returns></returns>
        public static bool CanPossessOrg(this IPrincipal principal, int orgId)
        {
            return Authorization.CanPossessOrg(orgId);
        }
        
        /// <summary>
        /// 获取用户的组织Id串
        /// </summary>
        /// <param name="principal"></param>
        /// <returns></returns>
        public static string[] GetOrgIds(this IPrincipal principal)
        {
            return Authorization.GetOrgIds();
        }
        
        /// <summary>
        /// 
        /// </summary>
        /// <param name="principal"></param>
        /// <returns></returns>
        public static string[] GetUserRoles(this IPrincipal principal)
        {
            User gp = Authorization.User;
            if (gp == null)
                return null;
            else
                return gp.Roles.Select( c=>c.Code).ToArray();
        }

        /// <summary>
        /// 
        /// </summary>
        /// <param name="principal"></param>
        /// <returns></returns>
        public static string[] GetUserPermission(this  IPrincipal principal)
        {
            User gp = Authorization.User;
            if (gp == null)
                return null;
            //else
            //    return gp.Roles.Select(c => c.Code).ToArray();
            var q = from g in gp.Roles
                    from p in g.Permissions
                    select p.Code;

            return q.ToArray();
        }

        /// <summary>
        /// 用户是否为管理员
        /// </summary>
        /// <param name="principal"></param>
        /// <returns></returns>
        public static bool IsAdmin( this IPrincipal principal)
        {
            return Authorization.IsInRole(ADMINISTRATOR_ROLE);
        }

        /// <summary>
        /// 
        /// </summary>
        /// <param name="principal"></param>
        /// <param name="role"></param>
        /// <returns></returns>
        public static bool HasRole(this IPrincipal principal,string role)
        {
            return Authorization.IsInRole(role);
        }

    

        /// <summary>
        /// 获取用户的文化信息
        /// </summary>
        /// <param name="principal"><see cref="System.Security.Principal.IPrincipal"/></param>
        /// <returns>用户的文化信息</returns>
        public static CultureInfo GetUserCultureInfo(this IPrincipal principal)
        {
            var user = principal.Identity as User;
            if (user != null)
            {
                return new CultureInfo(user.Cultural);
            }
            else
            {
                return null;
            }
        }

        /// <summary>
        /// 判断用户是否拥有指定的操作权限
        /// </summary>
        /// <param name="principal"><see cref="System.Security.Principal.IPrincipal"/></param>
        /// <param name="permission">操作权限</param>
        /// <returns>是否拥有指定权限</returns>
        public static bool HasPermission(this IPrincipal principal, string permission)
        {
            if( principal.IsSuperAdmin())
            {
                return true;
            }

            return Authorization.HasPermission(permission);
        }


        /// <summary>
        /// 加密用户密码
        /// </summary>
        /// <param name="user"></param>
        /// <param name="pwd"></param>
        /// <returns></returns>
        public static string EntryPassword( this User user, string pwd)
        {
           return EntryPasswordByUserId(user.ID, pwd);
        }

        /// <summary>
        /// 加密用户密码
        /// </summary>
        /// <param name="userId"></param>
        /// <param name="pwd"></param>
        /// <returns></returns>
        public static string EntryPasswordByUserId(int userId, string pwd)
        {
            return string.Format("{0}_{1}", userId, pwd).MD5();
        }
	}
}
